Hello!

 

I have a problem with the VLAN configuration for Wireless Networks.

 

My setup:

1) I have a Switch (SW-01) which is connected to a firewall and behind that firewall I have a DHCP-Server (via DHCP-Relay configuration on the firewall)

2) SW-01 is connected to an Accesspoint (AP-01) on Port-02 and gets the IP settings from the DHCP-Server = 192.168.100.50

3) SW-01 is connected to the Omada Controller (OC200) on Port-04 and gets the IP settings from the DHCP-Server = 192.168.100.240

> The assignment of the IPs works as expected!

4) SW-01 is connected to the Firewall on Port-07 IP = 192.168.100.254. Firewall acts as the Gateway for my environment.

 

5) I configured two Wired Networks (LANs)

5.1) VLAN254 as VLAN with VLAN-ID = 254

5.2) VLAN253 as VLAN with VLAN-ID = 253

 

6) I configured three Wireless Networks

6.1) WLAN-Gast

- VLAN = default

6.2) WLAN-Radius

- VLAN = default

6.3) WLAN-Devices

- VLAN = 253

 

7) I created Switch-Profiles

7.1) APUplink with the following settings:

---

Native Network = VLAN254(254)

Tagged Networks = VLAN253(253), Default(1)

Untagged Networks = VLAN254(254)

---

> APUplink profile is active on Port-02 on SW-01 (where the AP is connected to)

 

7.2) FWUplink with the following settings:

---

Native Network = Default(1)

Tagged Networks = VLAN253(253),VLAN254(254)

Untagged Networks = Default(1)

---

> FWUplink ist active on Port-07 on SW-01 (where the FW is connected to)

 

 

What I want to do/achieve:

1. I want the Omada Controller, Switch along with several NBs within the LAN(Default) with VLAN-ID = 1 and IP addresses 192.168.100.0/24 (via DHCP as explained above) --> This works so far

2. I want the Accesspoint to be in a different Network! That's why I created the Switch-Profile "APUplink" and put the Accesspoint into the Native Network = VLAN254.

> It is crucial to understand that the Accesspoints Native Network is now VLAN254 with VLAN-ID=254

> With the active profile the Accesspoint now gets the IP = 10.254.100.50 from the DHCP-Server (works as expected!!!)

3. ATTENTION! Now comes the part where I have this huge problem!

- When I connect to WLAN-Radius via the Accesspoint, I want to have access to the LAN(default) (VLAN ID = 1)!

- When I go to Wireless Networks > WLAN-Radius > Advanced Settings > VLAN and set VLAN = default one should think that WLAN-Radius is now within the LAN(default). BUT this setting means that WLAN-Radius ADOPTS the NATIVE NETWORK FROM THE ACCESSPOINT which is VLAN254(254) 

- So when I try to set a custom VLAN via Wireless Networks > WLAN-Radius > Advanced Settings > VLAN > Custom > By VLAN ID = 1,  I get the error message "This SSID VLAN ID can not be same as the exist default LanNetwork profile."

 

>> So how can I achieve that when I connect to WLAN-Radius via Accesspoint which is in the native network VLAN254(254) that I have access to the LAN(default) with VLAN-ID=1 ??? My only condition would be that the native network from the Accesspoint CAN NOT be the Default(1)-LAN. It needs to be in a different network. But via profile APUplink it can transfer frames from Default(1) as tagged.

 

If you have any solutions I would be very happy. 

 

Kind regards,

 

JaSa1